|
|
07-31-2006, 05:23 AM
|
#1
|
BBF Moderator
Join Date: Mar 2005
Location: Northern California
Model: 9700
PIN: Agaboobie
Carrier: AT&T
Posts: 5,518
|
Debate This - BES Privacy
Please Login to Remove!
I am curious about what can be seen on BES and what are privacy rights of those of us on BES. I am going to make a basic assumption for this thread. You as an individual were asked by your firm to buy the BB and you use BIS also. Debate the necessity of that assumption if you like. The purpose is to establish some baseline rights in the BB and it's operation.
At that point you connect to a BES. What can a BES see? Texting, Phone Logs, BB Messenger Conversations, etc? So if anyone can provide the full list that would be great, Jibi?
So then what do you think your privacy rights are?
|
Offline
|
|
07-31-2006, 05:46 AM
|
#2
|
No longer Registered.
Join Date: Jan 2005
Location: Jacksonville, FLorida
Model: 9000!
PIN: NOT!
Carrier: AT&T
Posts: 3,762
|
I do know that if there is a strong enough will to see and hear what you are doing, it can be done. If you are issued a BB with your company and use their BES, then they should have rights, too. If it is your BB and your BIS, they do not!
Never assume that you are absolutely safe on either BIS or BES, nothing is abosolute, nothing.
I have no worries as I have little to hide.
|
Offline
|
|
07-31-2006, 06:06 AM
|
#3
|
CrackBerry Addict
Join Date: Oct 2005
Location: Brooklyn, NY
Model: 9000
OS: 5.0.0.106
Carrier: AT&T
Posts: 877
|
Quote:
Originally Posted by Stinsonddog
I am curious about what can be seen on BES and what are privacy rights of those of us on BES. I am going to make a basic assumption for this thread. You as an individual were asked by your firm to buy the BB and you use BIS also. Debate the necessity of that assumption if you like. The purpose is to establish some baseline rights in the BB and it's operation.
At that point you connect to a BES. What can a BES see? Texting, Phone Logs, BB Messenger Conversations, etc? So if anyone can provide the full list that would be great, Jibi?
So then what do you think your privacy rights are?
|
In a BES 4 / BB 4.x environment, if you want to see what the BES "sees", wipe the device and then do an Enterprise Activation and see what comes back, or more importantly what DOESN'T come back. What you DO get back: - Phone Logs
- Address Book
- Calendar
- Notes
- Tasks
- Bookmarks
- Most Settings
What you do NOT get back: - Old email (including BIS email)
- Pictures
- BlackBerry Messenger contacts
That is far from a complete list.
Frankly, I think it's up to the BES provider (company) to clearly define what is allowed and what's considered off limits for them. If they don't explicitly say that your BIS email is subject to their scrutiny, it should be off limits.
OR, to look at it another way, the provider of BES services has the ability to control and lock down any and all operations of the device through IT Policy. If they don't want you using BIS for whatever reason, that's their prerogative, but if they allow it and don't say that it's subject to their review, it's off limits to them.
In the long run, it would be up to the courts.
If someone got fired because evidence of two employees having an affair which was against firm policy was found in their BIS email by the company and they were fired for it, I'd GUESS they'd have a pretty good case against the company for invasion of privacy if the company never said they would be looking at it.
On the other hand if evidence of insider information being passed through BIS email were found, I don't think the SEC would care where the info came from, and the participants would probably have a lousy invasion of privacy defense!
All that said, the best PRACTICE for ALL users is to never do anything on company provided computers, devices, or services they don't want the company to know about! At the end of the day one can whine all they want about invasion of privacy, but it does little good when you're out of a job and your employment records are tarnished.
__________________
.
.
J
|
Offline
|
|
07-31-2006, 06:54 AM
|
#4
|
Thumbs Must Hurt
Join Date: Jul 2006
Location: Los Angeles
Model: 8700g
Carrier: T-Mobile
Posts: 187
|
Mostly OT
This has nothing to do with BBs directly, but I just had to say it none the less.
It strikes me as amazing, and somewhat sad, how much some things change. there was a time, not really that long ago, where any employee who seriously thought that their employer was reading their email, or logging how they used their computer, would have been considered paranoid, and out of touch with reality. Even the few companies that did read internal email back then, were very careful never to take action on anything solely sourced through email, lest they reveal that they had been reading their employees correspondence. Of course these days it is standard procedure, and many larger companies even have employees (or even departments) who's entire job is to "audit" and "review" employees email and use of the computer.
Now the debate is not IF your employer is reading your email, or logging your calls, or logging your computer activity, but WHICH emails they have a right to read. It really shocks me how amenable people are to this practice.
|
Offline
|
|
07-31-2006, 07:20 AM
|
#5
|
iPhone Convert
Join Date: Oct 2005
Location: Tulip City - MI
Model: iP5
OS: 6.0.2
PIN: to beans
Carrier: I'm not
Posts: 13,878
|
Interesting thread, I guess I never thought about the BIS side of things. We have several employees who have purchased their own BB's and want to be able to get company email. They have been added to the BES, but the most restrictive thing we have in the IT Policy is a forced password.
So in reading this, IS there a way to read someone's BIS email via the BES?? Our IT dept doesn't restrict people from being able to log in (via their PC) to personal email accounts, so what would stop them from cutting/pasting information from a company email into a personal account and sending it to a competitor (via PC)? And if this isn't 'policed', why would BIS be policed for those on the BES?
I do know that any mail that is sent to a competitor's domain is held and read before it is sent on (some of it is even flagged and sent to upper management).
This conversation should be fun....
__________________
No longer a BES Admin, but it was fun while it lasted!
|
Offline
|
|
07-31-2006, 09:20 AM
|
#6
|
BBF Moderator
Join Date: Mar 2005
Location: Northern California
Model: 9700
PIN: Agaboobie
Carrier: AT&T
Posts: 5,518
|
For the first few posts, all warnings are noted, and I am not personally concerned, but just curious about more than anything. The one area that seems to walk the line is BB Messenger. I know auditing tools were put in BES 4.1, but there you can have private messages and company messages. Seems like to have a right to both and in some sense a right of privacy if the company doesn't tell you that it is auditing the messages. Will we start to see privacy junk mail from our companies like we see from healthcare providers in the US?
|
Offline
|
|
07-31-2006, 09:36 AM
|
#7
|
Thumbs Must Hurt
Join Date: Aug 2005
Location: Charlottetown, PEI, Canada
Model: 7250
Carrier: Bell
Posts: 95
|
You should also note that it is extremely easy to set up autoBCC addresses on the BES that do exactly what they say - each message sent from every handheld on the BES will be blind carbon copied to the address(es) specified.
That would be the simplest way to capture outgoing messages, whatever the content, don't you think?
|
Offline
|
|
07-31-2006, 11:34 AM
|
#8
|
BlackBerry Extraordinaire
Join Date: Feb 2006
Location: YYZ
Model: 9900
Carrier: Rogers
Posts: 1,183
|
Keep in mind that as soon as you're on the BES you are using company resources. Their server, their bandwidth, their info. They are free to audit anything that uses company resources. If you want privacy, don't put your personnal BB on a corporate BES.
|
Offline
|
|
07-31-2006, 01:28 PM
|
#9
|
Thumbs Must Hurt
Join Date: May 2006
Location: Red Stick
Model: 9650
OS: 6.0.0.280
Carrier: Sprint
Posts: 157
|
I have a personal BB on my agency's BES. I decided to do this after careful consideration on the impact this would have if someone in the agency thought it would be "interesting" to start doing things with my private property (both the BB and the information it contained). In the end, I wanted the convenience of my work email coming to my BB without cumbersome forwarding and I wanted the Lookup function when I was away from my desk.
It occurred to me that, first of all, I work for a government agency; therefore I don't have any rights and that's the truth. There may be some written policy somewhere detailing some employee rights, but those can be amended on the fly without my consent or any real legal process. I have to work when, where and in what way that the PTB (powers that be) decide. If my bosses really want to read all the naughty email my wife sends to me or scrutinize my addressbook for "suspicious" persons, they'll do that if they find a need and will re-write policy to suit their purpose, giving me no recourse in the matter. I could easily be dismissed with no real explanation other than "violiation of agency policy," whether or not I was ever made aware of such policy.
The second thing that occurred to me was that there is no way that anything that I'm doing could possibly compare to the expoits of the elected and appointed officials that are my bosses. Try as I might, I couldn't do anything that these people would find shocking
In the end, there's no use in worrying about it. No matter who you are, or who you work for, you really have zero privacy in any part of your life. There isn't a single aspect of your existence that isn't being logged or recorded by someone, somewhere. Heck, my job is to delve deeply into the personal lives of private citizens. I do it for the "greater good" and I don't ever use this information for any "bad" purpose (at least to my thinking; some might disagree).
Oh, and if you think you don't have anything to hide, that's just silly. Everyone has something they'd rather that no one else know. Just don't put it on your BB
|
Offline
|
|
07-31-2006, 01:41 PM
|
#10
|
CrackBerry Addict
Join Date: Aug 2005
Location: London, UK
Model: 9700
Carrier: O2
Posts: 961
|
guys -its quite simple as i see it...
If you're using company property (BES) then they can look at anything they want to. If they're looking for an excuse to can you then they might look at your mail records (amongst other things)
In the UK, lots of people have "work phones" and "social phones" - i.e. the work one is provided by the company, has company sim card and can be audited. The personal one is your own perogrative/problem and company has no right to audit etc. So in BB land just buy another freeking device and SIM card, problem solved. If you don't care then don't buy one.
|
Offline
|
|
07-31-2006, 01:42 PM
|
#11
|
Talking BlackBerry Encyclopedia
Join Date: Oct 2005
Location: LA
Model: 9630
Carrier: Sprint
Posts: 209
|
Quote:
Originally Posted by mister.zero
I have a personal BB on my agency's BES. I decided to do this after careful consideration on the impact this would have if someone in the agency thought it would be "interesting" to start doing things with my private property (both the BB and the information it contained). In the end, I wanted the convenience of my work email coming to my BB without cumbersome forwarding and I wanted the Lookup function when I was away from my desk.
It occurred to me that, first of all, I work for a government agency; therefore I don't have any rights and that's the truth. There may be some written policy somewhere detailing some employee rights, but those can be amended on the fly without my consent or any real legal process. I have to work when, where and in what way that the PTB (powers that be) decide. If my bosses really want to read all the naughty email my wife sends to me or scrutinize my addressbook for "suspicious" persons, they'll do that if they find a need and will re-write policy to suit their purpose, giving me no recourse in the matter. I could easily be dismissed with no real explanation other than "violiation of agency policy," whether or not I was ever made aware of such policy.
The second thing that occurred to me was that there is no way that anything that I'm doing could possibly compare to the expoits of the elected and appointed officials that are my bosses. Try as I might, I couldn't do anything that these people would find shocking
In the end, there's no use in worrying about it. No matter who you are, or who you work for, you really have zero privacy in any part of your life. There isn't a single aspect of your existence that isn't being logged or recorded by someone, somewhere. Heck, my job is to delve deeply into the personal lives of private citizens. I do it for the "greater good" and I don't ever use this information for any "bad" purpose (at least to my thinking; some might disagree).
Oh, and if you think you don't have anything to hide, that's just silly. Everyone has something they'd rather that no one else know. Just don't put it on your BB
|
Sad, but true...
__________________
GREEN BiG BiRDZ/ YELLOW & BLUE NiKE'S!
|
Offline
|
|
08-10-2006, 07:56 AM
|
#12
|
iPhone Convert
Join Date: Oct 2005
Location: Tulip City - MI
Model: iP5
OS: 6.0.2
PIN: to beans
Carrier: I'm not
Posts: 13,878
|
Due in large part to this thread, we will be updating our IT policy to not allow other message services. People can still receive personal email, but any replies/forwards will be sent as the corporate email account.
Should make for a fun day when the announcement is sent out.
__________________
No longer a BES Admin, but it was fun while it lasted!
|
Offline
|
|
|
|